CVE-2010-4194

Опубликовано: 10 фев. 2011

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.

Ссылки

http://www.adobe.com/support/security/bulletins/apsb11-01.html
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/189929
US Government Resource
http://www.securityfocus.com/bid/46335
http://www.securitytracker.com/id?1025056
http://www.vupen.com/english/advisories/2011/0335
Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb11-01.html
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/189929
US Government Resource
http://www.securityfocus.com/bid/46335
http://www.securitytracker.com/id?1025056
http://www.vupen.com/english/advisories/2011/0335
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*

Версия до 11.5.9.615 (включая)

cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10209

Средний

9.3 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-5f5v-67j5-fvcf

github

больше 3 лет назад